Originally posted by XanthosNZ
I've been told by people who have tested NOD32 on files with the exploit but no malicious code that it will pick it up. You may need to change the settings to scan image files (as this is the first exploit that uses them so they were considered safe).
When I heard about this exploit (Dec 26th or so, hence last year just) it was considered a zero-day exp ...[text shortened]... lready been used in the wild and is considered urgent) so who knows how long it's been around.

Well I got NOD and it ran in 42 minutes, more than twice as fast
as AVG. I saw it scanned 146,000 odd files and the settings showed
I could have done more kind of scans so it would slow down for
an industrial strength scan. It did find something called
Mywebsearch and killed it. I am going to try it in safe mode, I heard
more stuff will be picked up that way.
I have a question about AV's in general. If I understand it correctly,
antivirus scanners scan by brute force, that is, you have a list of
fingerprints and you have a list of files to check. So it would look like
it has, say 100,000 fingerprints and 100,000 files to check then the
amount of checking would be 100,000^2 which is in this case
ten billion file/signature checks. It would seem to me this kind of
program would not be very amenable to sneaky math simplifications
that you get with programs like prime searches and the like.
So it seems that as time goes by, like in my example,
now Prg A has 100,000 fingerprints and one year later, it's 200,000
fingerprints, then one year later if it ran those 10 billion searches
in 45 minutes, one year later it would run in 90 minutes, etc.
So what happens in say 5 years or ten years. Remember, double the
fingerprints doubles the number of searches but as time goes on,
the typical user also adds more and more programs so like in my
comp, NOD searched 146,000 files but a year from now I may have
200,000 files it would have to search so 200,000^2 would cause
the comp to go through 40 BILLION searches, 4 times as our
theoretical first example. So it would seem, as I have seen,
these searches will take progressively longer and longer maybe to
such an extent that it may take 8 hours to get through a search.
That certainly would be the case if the computers remained static in
speed but we know they will inevitably get faster also but wonder
if the increase in comp speed will keep pace with the increase in
the searches in the same span of time, given more programs installed
and more fingerprints discovered. It seems maybe they have to
delete older fingerprints to pare down the size of the search tree but
that might lead to the re-use of old viruses if they do. Sticky problem
looks like to me.
Originally posted by sonhouse
Well I got NOD and it ran in 42 minutes, more than twice as fast
as AVG. I saw it scanned 146,000 odd files and the settings showed
I could have done more kind of scans so it would slow down for
an industrial strength scan. It did find something called
Mywebsearch and killed it. I am going to try it in safe mode, I heard
more stuff will be picked up t ...[text shortened]... but
that might lead to the re-use of old viruses if they do. Sticky problem
looks like to me.

Remember Moore's Law.
Originally posted by XanthosNZ
This has been public since last year. Also NOD32 will find and deal with this in all its incarnations.

From the linked article;
The flaw, which allows hackers to infect computers using programs maliciously inserted into seemingly innocuous image files, was first discovered last week.
So how Nod can deal with it is a mystery. [if it was true, which seems highly unlikely]
Originally posted by XanthosNZ
Remember Moore's Law.

Well so far I have seen the virus scan time beating Moore's
law hands down. The basic speed of the CPU's have stayed
pretty static for the past year and are not likely to increase
significantly in the next few years, like getting anywhere near
10 GHZ for instance. The trend going on now is, as you already know,
multiple CPU's and multi cpu chips. Moore simply says the number
of transistors on a chip doubles every 18 months or so quads in
3 years, which means at that point transistors are 1/2 the size in X
and 1/2 the size in Y direction which as you know is four times the
number of transistors in the same area.
A lot of manufacturers are already at the 90 NM level (0.09 micron)
and are pushing for the 64 NM node, and talk about 50, 40, 30 NM
going on as well. It remains to be seen how far they can actually
push that technology, although they have done wonders with it
now compared to even 3 years ago, now a class one cleanroom
for 90 NM can cost BILLIONS of dollars, enough to give even Intel
pause, I hear noises like 10 billion or so for the very latest
cleanrooms. The price of admission can only go up as the NM level
goes down. What if they know how to make 30 NM parts but the
cleanroom costs 50 billion dollars? How likely is it for those parts to
actually be made.
So it seems for the next few years, 4 or 5, things will get a lot smaller
but only up to a point. After that, entirely new techniques will have
to be invented, such as working quantum computers or maybe
nanotube transistor chips which are already coming out of the labs,
there are some neat tricks being done with nanotubes as you already
are undoubtedly aware. I think the present style of chip making will
run its course in less than 15 years and either fundamental limitations
will raise its head or the cleanrooms to actually make such chips
will cost 100 billion or some such, which at that point the effective
increases will be over. So ultimately newer and exponentially
faster technologies will have to evolve.
Which means it is going to be quite a horse race, guessing how
long it will take to run a virus scan in ten years, eh.
Originally posted by sonhouse
Hi, you seem to be around still. Thought you were going on a trip.
I got one suggestion about my router problem from my IP.
He said he has a router and it resets every time he turns on his
vacuum cleaner. That presumably would put a nice power pulse
or dip in the power into the router, maybe they are more sensitive
to power spikes than the computer pow ...[text shortened]... they can't take more than 50 watts between the
two of them I would think. What do you think?

First of all, I am on my trip. For now, I'm borrowing a friend's laptop, but I'm buying my own in Sudbury. I started moving around 6:00pm when I got to my hotel. Classes today, meetings tomorrow, friend's reunion tomorrow night, then off to Toronto to attend a small tech's get together. Then I go home the day after. I like getting out of town, but I like this site so much I can't get away.
Anyway, the power spike issue:
Computers are exceptionally vulnerable to power fluctuations. Anything that affects the router's performance should cause noticeable changes to other things. Light and monitor flickering. Now, vacuum cleaners do drain power supplies. If your house has old electric wiring, then multiple rooms will be on the same fuse and all be affected by one fluctuation. A UPC is a solution and a good idea.
Originally posted by Dr Strangelove
From the linked article;
The flaw, which allows hackers to infect computers using programs maliciously inserted into seemingly innocuous image files, was first discovered last week.
So how Nod can deal with it is a mystery. [if it was true, which seems highly unlikely]

Last week was last year. Also the definitions for NOD32 are always among the first to be updated.
Here is the NOD32 site: http://www.nod32.ch/en/index.php
Notice on the left:
"WMF Vulnerability
30.12.2005 [Last year]
With a specially crafted wmf file an attacker can run arbitrary code on a user's system - a patch from Microsoft is not yet available. NOD32 includes a generic detection of such wmf files as of signature database version 1.1342. There's already numerous reports of this vulnerability being used in the wild to compromise computers. More information on the vulnerability is available from Microsoft - http://www.microsoft.com/technet/security/advisory/912840.mspx."
Originally posted by Whats goin on eh
First of all, I am on my trip. For now, I'm borrowing a friend's laptop, but I'm buying my own in Sudbury. I started moving around 6:00pm when I got to my hotel. Classes today, meetings tomorrow, friend's reunion tomorrow night, then off to Toronto to attend a small tech's get together. Then I go home the day after. I like getting out of town, b ...[text shortened]... he same fuse and all be affected by one fluctuation. A UPC is a solution and a good idea.

Yeah, the wiring in this house has several generations of wire in it.
One time I put in a ceiling fan and had to dig into the second floor
bedroom to access the living room ceiling underneath for power,
I found the power to the light in the living room was honest to god
19th or very early 20th century, separate CLOTH insulated wires
where holes drilled through wood had CERAMIC tube insulators!
It was like looking at Tesla's laboratory or something!
And the circuits going from a given CB has no logic. Stuff in the attic
on the same circuit as stuff in the basement, etc. The house
was mostly redone but, hell, about 30 years ago, the house is 100
years older than THAT, but they missed some of the REALLY old stuff.
Plus the frigging power company sends us about 124 volts and
everything dies early here, I had a TV catch on FIRE!, stoves
blow up in my hand when I switched it on, the so-called 7 year lights,
those spiral fluorescents, they go out in about 6 months.
So I can state for a fact we have power problems here! I got a
3000 watt variac at a hamfest a few years ago and I keep promising
to install it in some of the more sensitive circuits, cut it down to 110
volts. I can also install a buck-boost transformer, an interesting
gadget, a transformer that only has to be as large as the difference
in power, that is to say, a 10,000 watt buck-booster need only be
built to take 1,000 watts which is really cool, as it can cut or increase
the house voltage by ten percent or so which is just what we need to
get the voltage down to a reasonable level. The power bill should go
down too, at least for resistive loads. It should help out all around
but special protection is still needed for sensitive devices.
I still am not sure if it actually needs a UPS. That is basically only
a fast switcher if you lose power for X amount of cycles.
I have to have a unit that stops the spikes and dips, evens out the
power, something a UPS can't do unless it is specifically designed to
do that as well as switch. Line conditioners do that job, maybe better
than surge protectors. The best way would be to have a small
110 volt generator run by a small ac motor with a nice fat flywheel!
that would isolate ANY spikes or dips for a certain amount of time.
Add a UPS to THAT and you would be totally protected! I remember
one of the Ion Implanters I used to work on did just that, mainly
to get power across a 200,000 volt barrier, using a motor and
a three foot long fiberglass shaft with the generator inside the
high voltage section. Did the job.